libyal / libsigscanLinks
Library for binary signature scanning.
☆28Updated last year
Alternatives and similar repositories for libsigscan
Users that are interested in libsigscan are comparing it to the libraries listed below
Sorting:
- Anti-AV compilation☆44Updated 11 years ago
- MALM: Malware Monitor☆50Updated 12 years ago
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, …☆18Updated 8 years ago
- Scanning and identifying XOR encrypted PE files in PE resources☆28Updated 11 years ago
- ☆33Updated 6 years ago
- Bootkits Revisited☆40Updated 11 years ago
- A sample project for using Capstone from a driver in Visual Studio 2015☆36Updated 9 years ago
- Library for Windows XML Event Log (EVTX) data types☆18Updated 10 months ago
- Anti-Anti-Debugger Plugins☆19Updated 12 years ago
- Modified edition of cuckoomon☆49Updated 7 years ago
- C++ wrapper for YARA.☆45Updated 5 years ago
- A plugin for x64dbg for x86 emulation powered by the Unicorn-engine.☆29Updated 9 years ago
- Sample libraries to be used with IAT Patcher☆34Updated 2 years ago
- Simple tool for unpacking packed/protected malware executables.☆33Updated 13 years ago
- OpenHIPS prevents exploitation of Windows systems☆35Updated 12 years ago
- Library and tools to access the Microsoft Internet Explorer (MSIE) Cache File (index.dat) files☆16Updated last year
- CAPE monitor DLLs☆41Updated 5 years ago
- Simple standalone bundle of NT core APIs☆27Updated 9 years ago
- Exploit WinIo - Vidix and Run Shellcode in Windows Kerne ( local Privilege escalation )☆28Updated 9 years ago
- ransomware_begone☆42Updated 9 years ago
- Intercept arbitrary functions at run-time, without knowing their typedefs☆88Updated 8 years ago
- windows create process with a dll load first time via LdrHook☆30Updated 8 years ago
- ☆34Updated 7 years ago
- libemu shim layer and win32 environment for Unicorn Engine☆72Updated 8 years ago
- Open Source Rootkit☆22Updated 8 years ago
- modify binary Portable Executable to hook its export functions☆63Updated 6 years ago
- Two tools used during our analysis of the Microsoft binary injection mitigation implemented in Edge TH2.☆53Updated 8 years ago
- Analysis PE file or Shellcode☆50Updated 9 years ago
- Windows kernel vulnerability in win32k.sys Driver☆35Updated 9 years ago
- injects a DLL into a running process or starts a process with DLL being the very first one imported.☆35Updated 12 years ago